diff --git a/.editorconfig b/.editorconfig
index 6bb0ce0..17cec3b 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -25,6 +25,11 @@ indent_size = 2
 [*.json]
 indent_size = 2
 
+# YAML files
+[*.{yaml,yml}]
+indent_size = 2
+
+
 # Dotnet code style settings:
 [*.{cs,vb}]
 # Sort using and Import directives with System.* appearing first
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index 475dc41..0f94919 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -6,49 +6,82 @@ pr:
 - master
 - rel/*
 
-pool:
-  vmImage: windows-latest
-
-variables: 
-  BuildConfiguration: Release
-  DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
-
-steps:
-- task: UseDotNet@2
-  inputs:
-    version: 3.0.x
-
-- task: DotNetCoreCLI@2  
-  inputs:
-    command: custom
-    custom: tool
-    arguments: install --tool-path . nbgv
-  displayName: Install NBGV tool
-
-- script: nbgv cloud
-  displayName: Set Version
-
-- task: DotNetCoreCLI@2
-  inputs:
-    command: pack
-    packagesToPack: Zeroconf/Zeroconf.csproj
-    configuration: $(BuildConfiguration)
-    packDirectory: $(Build.ArtifactStagingDirectory)\Packages    
-  displayName: Build / Pack
-
-- task: PowerShell@2
-  displayName: Authenticode Sign artifacts
-  inputs:
-    filePath: scripts/Sign-Package.ps1
-  env:
-    SignClientUser: $(SignClientUser)
-    SignClientSecret: $(SignClientSecret)
-    ArtifactDirectory: $(Build.ArtifactStagingDirectory)\Packages
-  condition: and(succeeded(), not(eq(variables['build.reason'], 'PullRequest')), not(eq(variables['SignClientSecret'], '')), not(eq(variables['SignClientUser'], '')))
-
-- task: PublishBuildArtifacts@1
-  displayName: Publish Package Artifacts
-  inputs:
-    pathToPublish: $(Build.ArtifactStagingDirectory)\Packages
-    artifactType: container
-    artifactName: Packages
+
+stages:
+- stage: Build
+  jobs:
+  - job: Build
+    pool:
+      vmImage: windows-latest
+
+    variables: 
+      BuildConfiguration: Release
+      DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
+
+    steps:
+    - task: UseDotNet@2
+      inputs:
+        version: 3.0.x
+
+    - task: DotNetCoreCLI@2  
+      inputs:
+        command: custom
+        custom: tool
+        arguments: install --tool-path . nbgv
+      displayName: Install NBGV tool
+
+    - script: nbgv cloud
+      displayName: Set Version
+
+    - task: DotNetCoreCLI@2
+      inputs:
+        command: pack
+        packagesToPack: Zeroconf/Zeroconf.csproj
+        configuration: $(BuildConfiguration)
+        packDirectory: $(Build.ArtifactStagingDirectory)\Packages    
+      displayName: Build / Pack
+
+    - publish: $(Build.ArtifactStagingDirectory)\Packages
+      displayName: Publish build packages
+      artifact: BuildPackages
+
+    - publish: config
+      displayName: Publish signing config
+      artifact: config
+
+- stage: CodeSign
+  condition: and(succeeded('Build'), not(eq(variables['build.reason'], 'PullRequest')))
+  jobs:
+  - deployment: CodeSign
+    displayName: Code Signing
+    pool:
+      vmImage: windows-latest    
+    environment: Code Sign - CI
+    variables:
+    - group: Sign Client Credentials
+    strategy:
+      runOnce:
+        deploy:
+          steps: 
+          - task: DotNetCoreCLI@2
+            inputs:
+              command: custom
+              custom: tool
+              arguments: install --tool-path . SignClient
+            displayName: Install SignTool tool
+
+          - pwsh: |
+              .\SignClient "Sign" `
+              --baseDirectory "$(Pipeline.Workspace)\BuildPackages" `
+              --input "**/*.nupkg" `
+              --config "$(Pipeline.Workspace)\config\signclient.json" `
+              --user "$(SignClientUser)" `
+              --secret "$(SignClientSecret)" `
+              --name "Zeroconf" `
+              --description "Zeroconf" `
+              --descriptionUrl "https://github.com/onovotny/Zeroconf"
+            displayName: Sign packages
+              
+          - publish: $(Pipeline.Workspace)/BuildPackages
+            displayName: Publish Signed Packages
+            artifact: SignedPackages
\ No newline at end of file
diff --git a/scripts/appsettings.json b/config/signclient.json
similarity index 100%
rename from scripts/appsettings.json
rename to config/signclient.json
diff --git a/scripts/Sign-Package.ps1 b/scripts/Sign-Package.ps1
deleted file mode 100644
index 4810e98..0000000
--- a/scripts/Sign-Package.ps1
+++ /dev/null
@@ -1,24 +0,0 @@
-$currentDirectory = split-path $MyInvocation.MyCommand.Definition
-
-# See if we have the ClientSecret available
-if([string]::IsNullOrEmpty($env:SignClientSecret)){
-	Write-Host "Client Secret not found, not signing packages"
-	return;
-}
-
-# Setup Variables we need to pass into the sign client tool
-dotnet tool install --tool-path . SignClient
-
-$appSettings = "$currentDirectory\appsettings.json"
-
-$nupgks = ls $Env:ArtifactDirectory\*.nupkg | Select -ExpandProperty FullName
-
-foreach ($nupkg in $nupgks){
-	Write-Host "Submitting $nupkg for signing"
-
-	.\SignClient 'sign' -c $appSettings -i $nupkg -r $env:SignClientUser -s $env:SignClientSecret -n 'Zeroconf' -d 'Zeroconf' -u 'https://github.com/onovotny/zeroconf' 
-
-	Write-Host "Finished signing $nupkg"
-}
-
-Write-Host "Sign-package complete"
\ No newline at end of file